The sandboxing required a number of fundamental changes. Microsoft could no longer assume that Defender Antivirus had full system access, and minimized IO to avoid leaving the sandbox whenever possible. Most protection info is stored in memory-mapped files that are read-only on launch, and the actual content processes have very limited access.It's not certain when Defender Antivirus might become widely available. You can safely presume that many people will be watching this test release closely, though. Provided it works as expected, it would offer Windows users a safety net that would work even when malware creators try to undermine Defender Antivirus itself. While it wouldn't be a guarantee of security, it could offer some extra peace of mind.
Original Date: 10-27-18
Written By: Jon Fingas